1. Field of the Invention
The present invention relates to an electronic settlement system. The present invention is particularly concerned with a technique for ensuring high level of security against possible illegal attempts.
2. Description of the Related Art
Recent commercial transactions use not only cashless transactions such as credit cards but electronic transactions by transmission of settlement data for making the payment for a commercial product or service rendered to consumers. In a card settlement system or in an electronic settlement system, a merchant shop is provided with a computer terminal supplied from the settlement company. When a customer makes a purchase in the merchant shop, the personal information of the customer necessary for his verification is transmitted from the computer terminal to the settlement center of the company. The settlement center examines the received verification information and checks to see if the customer can make the payment of the purchased item and sends the result of the check to the computer terminal of the merchant shop. In the card settlement system, the customer hands over his credit card containing his personal verification information to a merchant. He needs to permit his personal information to be read into the merchant's computer, thus causing it to be laid open to the knowledge of the merchant. In the electronic settlement system, the customer needs to inform the merchant of his personal information. These systems work when the relationship between the customer and the merchant is based on mutual trust. Therefore, the security level of these systems is not satisfactory.
Many attempts have been made to improve the security level of such systems. For example, Japanese Patent Publication 11-45366 titled “individual confirmation system” discloses an authentication system in which customers carry a mobile communication terminal to allow his personal information to be directly accessed from a settlement center. This electronic settlement system includes a settlement center owned and operated by a settlement company to provide management of information necessary for a settlement process to proceed between subscribed customers and merchants. The system further includes a sales terminal in a merchant shop for authentication of customers' personal information. The phone number of the mobile communication terminal is stored in a memory. Settlement center 10 stores customers' phone numbers and passwords of mobile terminals and establishes communication to each mobile communication terminal via a wireless communication channel. In addition, the settlement center and a sales terminal exchanges information necessary for authentication through a wire-line communication channel. When a customer makes a purchase in a merchant shop, this electronic settlement system informs the sales terminal at the merchant shop of the customer's phone number. This is achieved by connecting the mobile communication terminal to the sales terminal and reading the stored phone number. The phone number is then transmitted to the settlement center via a wire-line communication channel. The settlement center establishes a dial-up connection to the mobile communication terminal to urge the customer to enter a password to the mobile communication terminal. On receiving the password 16, the settlement center 10 compares it against a library of passwords that are mapped to the phone numbers of subscribed customers for coincidence and informs the sales terminal of the result of the check. According to the check result, if the sales terminal verifies that the purchaser is the genuine owner of the mobile communication terminal, it urges the purchaser to effect the payment of the purchase. When the payment is made, payment data is transmitted to the settlement center. In this way, the password of a purchaser is transmitted to the settlement center without leaving the password open to the knowledge of the merchant. The level of security can be enhanced in this way.
However, the security level of the prior art electronic settlement system as disclosed in the aforesaid Japanese Patent Publication is still not sufficiently high since the customer's property will be engendered if the purchaser's personal information is illegally used by a merchant.
First, the need to read the phone number of a purchaser into a merchant's sales terminal would tempt a malicious merchant to make a willful false purchase by illegally using the stored phone number as if the purchase has been made by the owner of the phone number. Settlement does not occur in so far as the purchaser has not entered his own password into his mobile communication terminal. However, if such a false purchase occurs during the time the owner of the phone number is conducting a transaction with a different merchant, the settlement center would proceed with the settlement of the false purchase.
Second, since payment data to be sent to the settlement center is supplied only from a merchant's sales terminal and since this data input occurs after the purchaser is authenticated, the merchant has a chance to revise the payment data. In addition, a malicious merchant would behave in the presence of the purchaser as if settlement were lawfully processed and then after the purchaser has left the merchant shop, the merchant has a chance to revise the payment data.
Third, since it is necessary for the merchant to access the purchaser's mobile communication terminal to request the purchaser to enter his own password before proceeding with settlement as described above, the purchaser's phone number must be open to the merchant. Because of this openness and the fact that the time a settlement has been completed is not precisely clear, a malicious merchant would be tempted to make a false phone call to the purchaser by addressing himself as a settlement center personnel and illegally obtains his password.
In addition, the electronic settlement system as disclosed in Japanese Patent Publication 9-54808 requires that purchaser's personal data be processed by special software for electronic signature and cryptic communication. The amount of data will increase due to the redundant bits necessary for ciphering the important information. In particular, a mobile communication terminal in the Wireless Application Protocol (WAP) system requires a browser function necessary to display contents described in a particular information description language in order to acquire information from an internet server. Further, the size of mobile communication terminals must be small and have less weight as possible. Accordingly, there is a need for an electronic settlement system which is not required to use complex software while ensuring high level of security.